BOOL CR_ModuleEx::_PrepareForDisAsm32() {
if (!IsModuleLoaded() || !Is32Bit())
return FALSE;
_CreateInfo32();
if (Info32()->Entrances().size()) {
return TRUE;
}
// register entrances
auto RVA = RVAOfEntryPoint();
CR_Addr32 va = VA32FromRVA(RVA);
Info32()->Entrances().emplace(va);
{
auto codefunc = make_shared<CR_CodeFunc32>();
codefunc->Addr() = va;
codefunc->Name() = "EntryPoint";
codefunc->StackArgSizeRange().Set(0);
codefunc->FuncFlags() |= cr_FF_CDECL;
Info32()->MapAddrToCodeFunc().emplace(va, codefunc);
MapRVAToFuncName().emplace(RVA, codefunc->Name());
MapFuncNameToRVA().emplace(codefunc->Name(), RVA);
}
// exporting functions are entrances
for (auto& e_symbol : ExportSymbols()) {
va = VA32FromRVA(e_symbol.dwRVA);
if (!AddressInCode32(va)) {
continue;
}
Info32()->Entrances().emplace(va);
MapRVAToFuncName().emplace(e_symbol.dwRVA, e_symbol.pszName);
MapFuncNameToRVA().emplace(e_symbol.pszName, e_symbol.dwRVA);
}
return TRUE;
} // CR_ModuleEx::_PrepareForDisAsm32
void CR_Module::DumpExportSymbols()
{
PIMAGE_EXPORT_DIRECTORY pDir = ExportDirectory();
if (pDir == NULL)
return;
//DWORD dwNumberOfNames = pDir->NumberOfNames;
//DWORD dwAddressOfFunctions = pDir->AddressOfFunctions;
//DWORD dwAddressOfNames = pDir->AddressOfNames;
//DWORD dwAddressOfOrdinals = pDir->AddressOfNameOrdinals;
//LPDWORD pEAT = (LPDWORD)GetData(dwAddressOfFunctions);
//LPDWORD pENPT = (LPDWORD)GetData(dwAddressOfNames);
//LPWORD pOT = (LPWORD)GetData(dwAddressOfOrdinals);
printf("\n### EXPORTS ###\n");
printf(" Characteristics: 0x%08lX\n", pDir->Characteristics);
printf(" TimeDateStamp: 0x%08lX (%s)\n", pDir->TimeDateStamp, CrGetTimeStampString(pDir->TimeDateStamp));
printf(" Version: %u.%u\n", pDir->MajorVersion, pDir->MinorVersion);
printf(" Name: 0x%08lX (%s)\n", pDir->Name, reinterpret_cast<char *>(GetData(pDir->Name)));
printf(" Base: 0x%08lX (%lu)\n", pDir->Base, pDir->Base);
printf(" NumberOfFunctions: 0x%08lX (%lu)\n", pDir->NumberOfFunctions, pDir->NumberOfFunctions);
printf(" NumberOfNames: 0x%08lX (%lu)\n", pDir->NumberOfNames, pDir->NumberOfNames);
printf(" AddressOfFunctions: 0x%08lX\n", pDir->AddressOfFunctions);
printf(" AddressOfNames: 0x%08lX\n", pDir->AddressOfNames);
printf(" AddressOfNameOrdinals: 0x%08lX\n", pDir->AddressOfNameOrdinals);
printf(" \n");
printf(" %-50s %-5s ; %-8s %-8s\n", "FUNCTION NAME", "ORDI.", "RVA", "VA");
for (DWORD i = 0; i < ExportSymbols().size(); ++i)
{
CR_ExportSymbol& symbol = ExportSymbols()[i];
if (symbol.dwRVA)
{
if (Is64Bit())
{
CR_Addr64 va = VA64FromRVA(symbol.dwRVA);
if (symbol.pszName)
printf(" %-50s @%-4lu ; %08lX %08lX%08lX\n",
symbol.pszName, symbol.dwOrdinal, symbol.dwRVA,
HILONG(va), LOLONG(va));
else
printf(" %-50s @%-4lu ; %08lX %08lX%08lX\n",
"(No Name)", symbol.dwOrdinal, symbol.dwRVA,
HILONG(va), LOLONG(va));
}
else if (Is32Bit())
{
CR_Addr32 va = VA32FromRVA(symbol.dwRVA);
if (symbol.pszName)
printf(" %-50s @%-4lu ; %08lX %08lX\n",
symbol.pszName, symbol.dwOrdinal, symbol.dwRVA, va);
else
printf(" %-50s @%-4lu ; %08lX %08lX\n",
"(No Name)", symbol.dwOrdinal, symbol.dwRVA, va);
}
}
else
{
if (symbol.pszName)
printf(" %-50s @%-4lu ; (forwarded to %s)\n",
"(No Name)", symbol.dwOrdinal, symbol.pszForwarded);
else
printf(" %-50s @%-4lu ; (forwarded to %s)\n",
"(No Name)", symbol.dwOrdinal, symbol.pszForwarded);
}
}
printf("\n\n");
}
